Many network intrusion detection systems (NIDS) use byte sequences as signatures to detect malicious activity. While being highly efficient, they tend to suffer from a high false...
In this paper, we study, using game theory, the problem of detecting intrusions in wired infrastructure networks. Detection is accomplished by sampling a subset of the transmitted p...
Hadi Otrok, Mona Mehrandish, Chadi Assi, Mourad De...
Active operating system fingerprinting is the process of actively determining a target network system’s underlying operating system type and characteristics by probing the targ...
Fedor V. Yarochkin, Ofir Arkin, Meder Kydyraliev, ...
In this paper, we study the impact of today’s IT policies, defined based upon a monoculture approach, on the performance of endhost anomaly detectors. This approach leads to th...
Current information protection systems only detect and warn against individual intrusions, and are not able to provide a collective and synthesized alert message. In this paper, we ...
Keun-Hee Han, Il-Gon Kim, Kang-Won Lee, Ji-Yeon Ch...